Jump to content

IP Block 208.87.149.250


Recommended Posts

Hello,

I am a new user of Malware Bytes Anti Malware and i came to know about MBAM from mozilla forums. I was experiencing problems in accessing sites like yahoo and google from both mozilla and chrome and the message "DNS lookup failed was being displayed". I went through different forums and i decided to try out MBAM to fish out any infections in my system. I have Avast antivirus installed in my system and a scan from both of these ( Avast and MBAM) revealed zero virus and infections in my system.

However, i constantly keep getting a pop up from MBAM about access to one partiular IP address 208.87.149.250 being blocked by MBAM and the Process Initiator being Avastsvc.exe (used by Avast Antivirus Sofware). I have gone through the MBAM forums and understand that it is infact some other process that is trying to provide access to this particular IP but Windows portrays it as Avast . So, as sugggested (Section G of http://forums.malwarebytes.org/index.php?showtopic=10138&st=0&p=162100entry162100), I installed the TCPView to know which is the process which is actually initiating the hit to this IP but i see that the TCPView does not show 208.87.149.250 anywhere or at anytime in the list of remote addresses (or maybe i am missing it.. :( )

I did a google search for this IP and I see that this IP is regitered to a particular FreeLook Incorporation from NA and is BlackListed and is also said to be noted for DNS Infiltration and spamming.

Please find below the log file of MBAM in my system.

14:18:05 divya IP-BLOCK 208.87.149.250 (Type: outgoing, Port: 52322, Process: avastsvc.exe)

14:18:06 divya IP-BLOCK 208.87.149.250 (Type: outgoing, Port: 52323, Process: avastsvc.exe)

14:33:08 divya IP-BLOCK 208.87.149.250 (Type: outgoing, Port: 52960, Process: avastsvc.exe)

14:33:08 divya IP-BLOCK 208.87.149.250 (Type: outgoing, Port: 52961, Process: avastsvc.exe)

16:14:57 divya IP-BLOCK 208.87.149.250 (Type: outgoing, Port: 53616, Process: avastsvc.exe)

16:14:57 divya IP-BLOCK 208.87.149.250 (Type: outgoing, Port: 53617, Process: avastsvc.exe)

16:29:59 divya IP-BLOCK 208.87.149.250 (Type: outgoing, Port: 54280, Process: avastsvc.exe)

16:29:59 divya IP-BLOCK 208.87.149.250 (Type: outgoing, Port: 54281, Process: avastsvc.exe)

16:44:59 divya IP-BLOCK 208.87.149.250 (Type: outgoing, Port: 54399, Process: avastsvc.exe)

16:44:59 divya IP-BLOCK 208.87.149.250 (Type: outgoing, Port: 54400, Process: avastsvc.exe)

16:59:58 divya IP-BLOCK 208.87.149.250 (Type: outgoing, Port: 54624, Process: avastsvc.exe)

16:59:58 divya IP-BLOCK 208.87.149.250 (Type: outgoing, Port: 54625, Process: avastsvc.exe)

17:11:28 divya IP-BLOCK 208.87.149.250 (Type: outgoing, Port: 54791, Process: avastsvc.exe)

17:11:28 divya IP-BLOCK 208.87.149.250 (Type: outgoing, Port: 54792, Process: avastsvc.exe)

17:14:57 divya IP-BLOCK 208.87.149.250 (Type: outgoing, Port: 54953, Process: avastsvc.exe)

17:14:57 divya IP-BLOCK 208.87.149.250 (Type: outgoing, Port: 54954, Process: avastsvc.exe)

17:29:55 divya IP-BLOCK 208.87.149.250 (Type: outgoing, Port: 55085, Process: avastsvc.exe)

17:29:55 divya IP-BLOCK 208.87.149.250 (Type: outgoing, Port: 55086, Process: avastsvc.exe)

Could you please suggest what can i do to stop this IP from accessing my machine and how i could know which is the particular process which is supporting access to this IP from my system? Pleaseee Helpp.. :(

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.